AuthenticationSuccessHandler Spring MVC中的Java配置 [英] AuthenticationSuccessHandler in spring mvc java based configuration

问题描述

我有三个角色，我想根据自己的角色，用户重定向到登录后不同的页面。我知道这可以通过AuthenticationSuccessHandler做，但我在基于Java的配置文件中声明它遇到了麻烦。到目前为止，我已经做到了这一点。

I have three roles, and i want to redirect user to different pages after login according to their roles. I know this can be done by AuthenticationSuccessHandler, but i am having trouble in declaring it in java based configuration. So far i have done this.

protected void configure(HttpSecurity http) throws Exception {

     http
     .authorizeRequests()                                                                
    .antMatchers("/resources/**", "/login").permitAll()                  
    .antMatchers("/admin/**").hasRole("USER")                           
    .and()

    .formLogin()
        .loginPage("/login")
        .defaultSuccessUrl("/")
        .successHandler(successHandler) //----- to handle user role
        .failureUrl("/loginfailed")             
        .permitAll()
        .and()

    .logout()
        .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
        .deleteCookies("JSESSIONID")
        .invalidateHttpSession( true )
        .and();                    
}

我的问题是在哪里声明successHandler以及如何自动装配它在这一类，或者如何声明successHandler方法在这个类并使用它。

My question is where to declare successHandler and how to autowire it in this class, or how to declare successHandler method in this class and use it.

推荐答案

试试这个：<一href=\"http://stackoverflow.com/questions/21097528/moving-spring-security-to-java-config-where-does-authentication-success-handler\">Moving春季安全到Java配置，哪里认证成功的处理程序，裁判去了？

从上面的帖子code：

Code from the post above:

@Override
protected void configure(HttpSecurity http) throws Exception {
http
    .authorizeRequests()
      .anyRequest().authenticated()
      .and()
    .formLogin()
      .loginPage("")
      .defaultSuccessUrl("/")
      .failureUrl("")
      .successHandler(//declare your bean here) 
      .and()
    .logout()
      .permitAll()
      .and()
  }

然后在验证处理程序可以应用所需的逻辑

Then in the authentication handler you can apply the required logic

public class MYSuccessHandler implements    AuthenticationSuccessHandler {


private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

@Override
public void onAuthenticationSuccess(HttpServletRequest request,
  HttpServletResponse response, Authentication authentication) throws IOException {
    handle(request, response, authentication);

}

protected void handle(HttpServletRequest request,
  // logic

    redirectStrategy.sendRedirect(request, response, targetUrl);
}

/** Builds the target URL according to the logic defined in the main class Javadoc. */
protected String determineTargetUrl(Authentication authentication) {
  }
   }

在这里列出教程 http://www.baeldung.com/spring_redirect_after_login

这篇关于AuthenticationSuccessHandler Spring MVC中的Java配置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！